Information Security

arping – Backtrack 5 – Information Gathering – Network Analysis – Identify Live Hosts – arping

The arping application is a simple command that will allow you to ping devices by hostname, IP address, or MAC address. The unfortunate part is that most device will not respond to the arp requests, which are directed broadcast ICMP echo requests, though there are some out there that do. I go into more detail below regarding pinging via MAC address by providing an example of the typical output, example output when a MAC address responds to the ICMP echo requests, and details about how to configure hosts to respond to these ICMP echo requests. I also show a couple of the switches available with arping and provide examples of using arping to ping devices by IP and host.

Technology Insights

dnsenum – Backtrack 5 – Information Gathering – Network Analysis – DNS Analysis – dnsenum

The Perl script as described in its Perl documentation is a multithreaded script to enumerate information on a domain and to discover non-contiguous IP blocks. So the gist of dnsenum is to gather information about a specific domain using various sources. Information gathered about a domain includes sub domains, associated IP ranges, name servers, mx records, reverse DNS records, hostname IP addresses, and potential vulnerabilities via zone transfers. Below we go into detail regarding the switches available with dnsenum as well as what the command returns by default without and CLI switches.

Information Security

snmpcheck – Backtrack 5 – Information Gathering – Network Analysis – SNMP Analysis – snmpcheck

SNMP can be a hidden gem that seems to be overlooked sometimes during penetration testing. It is really cool the information you can obtain just using snmpwalk from the command line however the information can be lengthy and unless you are an SNMP OID library or feel like googling a bunch of different stuff it really helps to have tools such as snmpcheck available. Below we describe what snmpcheck, which is written in Perl, will accomplish for you and we also provide a couple of examples against Ubuntu and a Cisco router.

Information Security

smbclient – Backtrack 5 – Information Gathering – Network Analysis – SMB Analysis –

In the Backtrack menu under Information Gathering > Network Analysis > SMB Analysis there is a menu item named smbclient which should actually be named While the script does actually use smbclient it provides a different interface, commands, no switches, etc. making it fairly different than smbclient itself. While both smbclient and are supposed to provide the same end results they don’t because is extremely buggy so I will be writing an article on each so there is no confusion.

Technology Errors

smbclient Backtrack Linux – sh: line 0: cd: /pentest/python/impacket-examples/: No such file or directory

When attempting to launch smbclient via the Backtrack menu in Backtrack Linux version 5 release 3 you will receive an error stating there is no such file or directory. It appears some of the paths have changed between Backtrack Linux releases and the menu item for smbclient was not updated. I personally prefer smbclient from the command line however if you like the python script then fixing it is easy as noted in the details below.